home

narcpi_wfp.sys

ContentWatch

It runs as a Windows 64-bit kernel mode device driver named “narcpi_wfp”.
Publisher:
ContentWatch  (signed and verified)

MD5:
0a63c11e8c1aef6f06b60c050cdff0b7

SHA-1:
7ab5bf75435375f1a44f2283f722cc2501eb1730

SHA-256:
590d461fd639aae39a20211371140235fdbcff77bd6c1ec0b33e870d69f5bd2b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 12:40:47 PM UTC  (today)

File size:
32.8 KB (33,584 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\narcpi_wfp.sys

Digital Signature
Signed by:
ContentWatch

Authority:
GlobalSign nv-sa

Valid from:
8/1/2012 6:35:24 PM

Valid to:
8/2/2015 6:35:24 PM

Subject:
CN=ContentWatch, O=ContentWatch, L=Midvale, S=Utah, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213A8155A0FD90E501E2EB88F998156CDE

File PE Metadata
Compilation timestamp:
5/5/2014 3:28:39 PM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

Entry address:
0x9070

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, 83, FF, FF, FF, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, 5A, 83, FF, FF, CC, CC, B8, 91, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A8, 94, 00, 00, C8, 60, 00, 00, F0, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 26, 95, 00, 00, 00, 60, 00, 00, 18, 91, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1A, 97, 00, 00, 28, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3579

Code size:
20 KB (20,480 bytes)

Driver
Display name:
narcpi_wfp

Description:
NARC Packet Informant (WFP)

Type:
Kernel device driver (KernelDriver)


Scan narcpi_wfp.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.